Posted
by
timothy
on Thursday January 05, 2012 @12:36PM
from the control-z dept.

MrSeb writes "Microsoft, in its infinite wisdom, will provide push-button Reset and Refresh in Windows 8. Reset will restore a Windows 8 PC to its stock, fresh-from-the-factory state; Refresh will reinstall Windows 8, but keep your documents and installed Metro apps in tact. For the power users, Windows 8 will include a new tool called recimg.exe, which allows you to create a hard drive image that Refresh will use (you can install all of your Desktop apps, tweak all your settings, run recimg.exe... and then, when you Refresh, you'll be handed a clean, ready-to-go computer). Reset and Refresh are obviously tablety features that Windows 8 will need to compete against iOS and Android — but considering Windows' malware magnetism and the number of times I've had to schlep over to my mother's house with a Windows CD... these features should be very welcome on the desktop, too."

I have a Vista install since 2007 still running as fast as when I installed it, with no errors or problems. Want to know how I achieved this amazing feat?

I didn't click on "punch the monkey" ads, blindly click through installers which would install 5,000 toolbars in my web browser, click on random emails, or install software from that nice russian/nigerian person in the email.

This refresh supposedly preserves not just documents, but installed metro apps.

The purpose of re-installing the OS (after wiping the drive) is usually to get rid of malware, not as a solution to performance problems.

Crapware is the least of my worries. How is Microsoft going to convince me that the refresh itself cannot be compromised? More specifically, how long will it take before somebody demonstrates an exploit that preserves the malware (rootkit) regardless of how many times the user clicks the "button"?

The only way to ever be sure is to "nuke it from orbit". Rootkits that can survive in equipment firmware are pretty damn rare, so I am fairly confident that wiping the drive completely is a sure way to get a clean install.

Data is just data. The most worrisome to me is of course PDF, but generally, data and documents can be cleaned pretty well. Programs always have to be re-installed.

I question the entire methodology of this "refresh" idea and whether or not it can even accomplish its purpose.

The technique I use when I work on clients' machines is to wipe the hard drive and set up about a 10 GB partition where I will put linux on it later on. I then reinstall Windows from the disk they have (or that I have) using the license sticker on the computer to register. I remove all the crap I can find, install decent browsers, firewall, anti-virus, anti-spyware, also the software they need for their work and I make sure all the drivers are up-to-date and that the machine is screaming fast. When done, I install an almost bare-bones Linux on the small partition. I set up the bootloader to boot into Windows by default after only 1 second. Then I make a copy of the MBR and I dump an image of the Windows partition using the NTFS-3G's ntfsclone utility. I then create a shell script that would restore that image and the MBR and make sure it's easy for the client to run.Next time they call me to say their machine is completely toast (not frequent, but it happens), I remind them of that option to do a full restore to a working and clean system. They have been trained to put their important data on external drives so the only thing they will lose is the crap they added after I was done.There, in less than 10 minutes, without having to drive there, they have a fully working system, and fast too.

I agree. I've been setting up Win7 systems for various people, and with the exception of just one (who had a habit of collecting applications from around the internet), all those systems are still stable and solid. Mine, in particular, hasn't been turned off, and only restarted due to some patching, and it's still stable and solid.

However, I do like the idea of a built-in reset, especially if you can use it to rid yourself of 'crapware' on a new system with minimal effort.

OEMs can set up the 'reset' to include their crapware. And most likely will.

However, users like yourself can uninstall all that crapware once, then take a new snaphot just the way you like it, with just the tweaks and apps you like, and THAT will become the new 'fresh' install image. So at least it's just pain once, and not every single time.

And after SPs and tons of updates, you can re-snapshot so you don't have to re-apply all those as well.

It's attitudes like yours that explain why Android and iOS are the future for many computer users. Blaming the user for an easily exploitable system will drive them fully into the arms of walled gardens and locked bootloaders. Perhaps that's where they want to be - and maybe that's good for the sanity of geeks like you and me. However, I think in the long run, defaulting users to locked systems is a bad thing for software freedom and the availability of general purpose computing devices.

Sounds exactly like what he was just saying about general purpose computing....

Can't there be a viable middle-ground though? Why is it always framed as a free and open "general purpose" system, vs. a walled-garden model?

All many of us desire is a full-blown mainstream OS that's hardened enough against malware and virus threats so things like "clicking the wrong ad banner" on some website aren't enough to take the system down.

If users flock to walled gardens with locked down boot-loaders, it's not really the fault of the "computer-savvy user" who cast blame on them, so much as it's a failure of the developers of said mainstream OS's to succeed in meeting these requirements.

Yes I want freedom and install whatever I want. No I don't want those malware! No I don't really understand what it is when I click 'install now'. But yes I really want to install whatever I want, freedom remember? No, I don't want to get a virus or something like that. When I say install, I mean install! No, I don't want to be locked in a walled garden. No I am not an idiot, you idiot!

WIndows side-by-side (that horrible multi-gig bloat in the winsxs directory) has long since fixed DLL isues. You might want to update your criticisms to things that are still actually wring with Windows.

Incidentally, my sister's HP laptop Windows 7 installation broke months ago as she would get "Incorrect side by side configuration" for many applications.

I tried to fix it during the year-end vacation. I could not spot any suspicious viral activity (there were a few toolbars though, although the Yahoo one was in the HP "distribution"), and the computer was no slower than when new (actually, it booted faster as the HP toolbar crapware that makes Windows 7 unusable the first minute after you get to the deskto

Wow, I haven't seen a bluescreen on a non-overclocked PC in 8 years or so (well, except during driver development, of course), except when I tried to run a VMware image on a VirtualBox host, and hadn't properly cleaned the VMware tools off.

But the DLL issues that used to be the bane of Windows were when two programs needed conflicting DLL versions, and so no matter what you did at least one of them wouldn't work. That seems fixed now, even with games.

Next step is to have Windows 8.5 just auto-refresh every few months since Microsoft seems to assume you'll be doing it any how.

Good, because MS has been making it increasingly difficult to be able to do a reinstall even if you have a licensed copy.

Between "upgrade" disks which only work if you have a working install, and the trend to get rid of recovery disks... it's about time Microsoft realized that the only way to maintain a system over a period of time is to rebuild the OS periodically.

Microsoft recently sued [computerworld.com] a computer reseller for piracy because they made recovery disks available to users.

In my experience, the recovery software installed by OEMs is complete shit.. the process for creating it on my wife's HP laptop failed, and then said you were only allowed to do it once, leaving us without one. So, Microsoft hopes when your system crashes you'll go buy a new copy... but if you've already paid for a copy, you might as well pirate it.

I know the last few PCs I've bought I've insisted I receive a full boxed install media... not the OEM, but the retail one, and I pay for it. Because if you don't have this, when your Windows system needs to be rebuilt, you're probably hosed.

The trend to not give people install media (in order to prevent piracy) has largely left people with systems they can't repair, and an incentive to pirate what they've already bought.

If a crashed/hosed computer means you lose your data and you'll have to spend as much money as a new computer costs... something has gone seriously wrong.

First thing I do when I get a new windows PC is make an image of the hard drive and put it somewhere safe. Windows 7 makes this pretty easy with the built in tools, and all you need is a recovery disk to boot into the mode to apply the update so the machine doesn't have to be bootable.

The first thing I did, when I got my new hp laptop, about about a year ago, was try to make an image with those built-in tools. It ran for hours, and I got all kinds of error.

Even if things seemed to go smoothly, how do you know if tyou have a good image? If you try to install the image, and something goes wrong, you are completely SOL. For that reason, I doubt many people try their new image until they really need it. If it doesn't work,

Good news for you! Windows 7 reinstall disks can all be downloaded direct from microsoft, and apparently they will work just fine with OEM keys. It looks like they got rid of the distinction between media and key types, so I am assuming a retail key will also work with these.

The article has the 5 links to the MS-hosted isos. They also have a tool which will let you change one iso into another.

The original Windows 7 upgrade iso/disc was horrible. License wise, you were 100% allowed to upgrade from XP. However, since there wasn't a software upgrade path, you needed to wipe the drive first. Windows 7 would then fail to active on your upgrade only license because "you didn't upgrade." The only way to fix it was to boot into recovery mode or from an alternate medium, and edit a registry entry from "this was a fresh install" to "this was an upgrade". And that even on Microsoft KB as the approved method of fixing the issue!

Luckily, they realized how terrible this was and started trusting the user that they own a previous version of Windows that they are upgrading.

It was very annoying jumping through those hoops. I'm glad my wife's PC is the only MS box in the house.

This is false.The first retail Windows 7 Upgrade disc had an installer that checked for a valid license (XP, Vista, 7) and let you proceed.With XP, the only option was to completely wipe the disk and do a cleam ("custom") installation.

If you wiped the disc yourself prior, the Windows 7 installer obviously wouldn't let you continue.If you had a blacklisted XP key, the Windows 7 installer obviously wouldn't let you continue. Such keys include fake keys, pirated keys, as well as keys that are single-installation only, such as keys released through the MSDN-AA program (cheap/free XP through your university).

If you let Windows 7 wipe the drive and install, it worked fine. If you fucked up in the middle and restarted (e.g. you didn't have your RAID drivers on hand, you had to go back into BIOS to set AHCI, you're retarded), you had to jump through hoops. The most common hoop, of course, was to install without the key and then either:1) Reinstall on top of that with the key.2) Do some registry / command line voodoo to reset the activation and input your key.

You did it wrong; you're not supposed to wipe your drive before the installation. You're supposed to start the installation in Windows, then follow along the install and choose a custom install. Never had a problem activating this way.

You can reinstall on the same hardware as many times as you like. You can change everything but the motherboard freely.

If they don't give you the disc, and the recovery feature in the OEM crap doesn't work... none of what you say is true. And I've seen far too many computers which came with absolutely no media for the OS.

Besides, the amount of shit that is usually in an OEM install often makes it almost unusable. On my mother-in-law's Toshiba laptop I had to strip out all of their crap to make the machine usable. It was full of wizards, and other tools designed to hand hold you so much that the computer had no CPU and memory left to actually do anything... the retail copy has none of that shit.

In short, the retail versions are for suckers with too much money to burn, they're priced so that no rational person would buy them.

*shrug* That's your opinion and experience. I bought a single machine, which I intended to run Vista on. If the machine became corrupted, I intended to install Vista back onto it. I did the same with my previous XP box, and I'll do the same with my next box for whatever version of Windows is de-rigeur by then.

For me, paying the retail price for the OS means I don't have to go through some of the bullshit I have had to go through by not having the install media, which has left me stranded without being able to reinstall unless I was going to get a pirated copy.

As I said, my wife's shitty HP laptop came with no install media for Win 7, and the process of creating the restore disk failed and couldn't be retried. So, if anything goes wrong, it's cheaper to buy a new laptop than to try to fix it. Or, just say fuck it and pirate Windows.

From what I've experienced, only the full retail copy lets me do a reinstall from scratch -- anything else leaves you with a half assed solution that takes far more of my time than I'm willing to invest.

I downloaded a DVD image from a month ago. I lost my home premium oem cd from a year ago. I called microsoft and they said call the shop you bought it from. The shop pointed me to a Digital River (an authorised microsoft reseller) website with all the ISO files. The install accepted my oem key and online activation went without a hitch. Didn't even need to burn the image to a dvd, just follow a few steps to boot from a usb drive

Next step is to have Windows 8.5 just auto-refresh every few months since Microsoft seems to assume you'll be doing it any how.

Yeah, once a worm has messed it up, you pretty much have to.

Repairs to XP after a worm leaves you with a rather brain-damaged and stupid mess of a system, which keeps losing track of drivers or having two drivers (I can't find the source of the phantom one) running concurrently and interferring with each other.

May I suggest Microsoft follow in the footsteps of Apple and start planning a future departure from these stupid Windows systems and start looking at building a whole new environment on a bsd or Linux

How true, how true. I'm more interested in corporate/government applications for refreshing machines across the enterprise, but we all know it'll take 3-5 years just top upgrade everyone to Windows 7, much less Windows 8.

I forgot to add that the reason for re-installing is because you're installing from a known-to-be-clean source. Once viruses get into the image, what's the point?

It's not mentioned, but it'd be nice if you could save the image on an external drive that you could unplug from the system to keep the image safe. Before I switched to using Linux on my desktop, I did much the same thing with a Clonezilla image.

I was thinking have it be on an encrypted partition that you said the password for on the initial install or first boot... that way you don't have to worry about your grandmother losing the external drive its saved on.

Even if you store the image on a clean source, what if the restoring application itself is infected? You simply can't trust anything that boots from he same hard drive.

Well, you think it through a bit.

First, the recovery image has to be "safe". There are very few admin tasks you can do that won't trigger some sort of UAC thing or other task, and users run as low priviledge by default. Thus standard OS permissoins can keep the recovery image safe (priviledge escalation bugs notwithstanding). Next you sign th

Perhaps Microsoft anticipated this and the images will be digitally signed.

They almost certainly are, otherwise this would be almost pointless. The problem is, how do you know it's actually been applied correctly? If I was a virus writer, I'd replace the real reset button with a fake one that did appear to clear everything but in reality gave you an empty, rooted box. To do this properly you don't only need a signed file but also a secure environment, like in the BIOS or something like that which hopefully hasn't been compromised.

An MD5 that you then store on disk along with the refresh image? Not so helpful. You could sign the MD5 hash, but then where do you put the public key to verify the signature. (At that point, at least, you've made it incrementally harder for malware to pull this off, since a fair bit of stuff has to be changed.)

Don't worry, when Ubuntu is attractive enough to be a target to desktop malware, they will find a way. Considering the somewhat recent debian repository incident, I wouldn't be overly confident about the purity of both your DVD and the subsequent GB of updates it will download after install.

In general, backups should be stored separately from the system. Backups at rest should not be at risk of attack from the infected system. It has already been suggested elsewhere in this discussion that Windows should allow the baseline image to be stored on removable media, and that is definitely a good idea. Without that, the baseline image is subject to much of the same risk as the running system.

There have been some BIOS virus proof-of-concept over the years, and EFI boot will present a brand new attack vector for persistent malware. So, reinstalling from a CD/DVD may not be enough to prevent infection.

It would be trivial to encrypt the image and even more trivial to keep the image on removable media. Without knowing the details, which haven't been released yet, it's impossible to say how secure or insecure this system is. But I'd go far enough to say that it's certainly better than the current situaion, since it's unlike a virus would have access to the image unless it had already compromised the system anyway. Best case, you painlessly restore, worst case is exactly the situation we have today.

Once malware developers get their hands on this, they'll be sure to find a way to infect the process such that their stuff gets "reset" and "refreshed" along with everything else.

I doubt it will be that useful to evade the really nasty malware, but at least it will provide an easy way for someone to "go back to step 1" with their computer after they ruined it all by themselves... or even someone who wishes to give it to a friend/family member/goodwill for recycling.

I suspect one of the main reason people throw away computers after they buy a new one, rather than recycle it, is because they're afraid someone else will see all their porn and/or "sensitive documents" that might still be hidden on the machine.

As I stated elsewhere this is already possible with System Restore, except ACLs block it for at least minimal protection. Of course refresh/reset is NOT a security feature, it strikes me more as a maintenance feature, for when various registry settings get messed up or otherwise things break mysteriously in Windows, you can just go back and have it fixed. It sounds like System Restore but it would avoid trouncing user data (unless you tell it to) and it would backup more than just program binaries and the

...about the innate instability of an OS, that they need buttons to reset everything back to bare metal

Or perhaps it says something about incompetence of its users, being unable to fix problems they have caused? Many I've seen posts by users about "reinstalled (Linux distro) n-times and it's still not working!". Kind of reminds me of users that "reinstall windows applications" despite windows not having a problem with DLL hell for over a decade (SxS versioning) or even inability to write crap all over the OS directories for about half a decade.

PS. Wasn't it apple that came up with their "timemachine" OS snapshots first? You may also want to read the last line of the summary.

The key problem with Windows isn't windows itself but the legacy of old apps that need admin access to install and run (Who have their roots back in DOS, Windows 3.1 and Windows 95-ME). Meaning for most home users their normal account is an Admin Account because that is the one that works.Linux and Unix based systems doesn't usually have that issue as much as files can be placed and linked in ones home directory, and most programs have been programmed to be be ran by non-root users.

Could the submission be any snarkier? Malware is already a big problem on Android. I also think people underestimate Windows 8--as Google starts offering its own phones and tablets, angered Android licensees may be swayed toward putting Windows 8 on their devices. I just think you should never dismiss Microsoft.

There have been a couple malware issues in the official market. Admitted the issues are still ridiculously small for the hype they get. Oh yeah it's as bad as a PC... Even in windows 7 days, I would bet at the least, 1 in 5 windows 7 users have had a virus infection. While I would estimate the android numbers to be 1 in 5,000 or so, and the majority of those stem from people attempting to pirate apps via shady chinese marketplaces. Androids policies are done intelligently, they have a location that is safe

...with one line of bash script. On my XP machine, there are three partitions: for Windows, software, and documents (Think/bin,/usr,/home) The Linux side has a zip archive of the windows partition. When I want to restore WIndows, I boot into Linux and run unzip and just overwrite the whole partition.

Fortunately this idea is sufficiently obscure that malware doesn't know about it. So your zip file, and the Linux system that holds it, are safe. If this catches on, malware writers might figure it out. I do something similar, but being overly paranoid I have the partition sector image file saved (compressed with xz which gets it tighter) on a DVD that can also boot its own Linux. I also have the Linux system saved the same way on another DVD. And lately to support my netbooks more conveniently, I have

... and then spend hours waiting for Windows Update to update... reboot... update... reboot... while hoping that there isn't some horrible worm that will take over your machine while your waiting to get the critical patch that was published 20 "Patch Tuesdays" after your zip archive.

That will not work with Vista/7 due to the usage of NTFS junctions and such. So beware if you want to do this with a newer Windows. Fortunately those OSs introduced the.WIM file format which is mid-way between an archive format like ZIP and a disk image format like VHD or VMDK etc. AFAIK.WIM is a special archive format that allows for keeping track of all NTFS metadata but it's not in a rigid layout like a disk image. You can get tools to make a WIM image easy enough, "imagex" is downloadable from MS. And I believe what you can do with the image is burn a Windows Install DVD that will work like a normal Windows installer but will restore the image you made (which is essentially what the stock installer does anyway starting with Vista).

disastrously destructive buttons? Yeah, that's what we all need, a button you can push that destroys all your data. Sort of like having the big red button to launch the nukes right next to the big red light switch button.

Two stages - Core OS chip so is need to absolutely 100% load a factory image, that is it. No ability to write to this chip at all.

Secondary chip - More like a bios chip. Can be modified to load patches kernels etc. So if you've "updated" windows, it flashes it with the updates which load ontop of the core chip. Still could be very fast.

Then your hard drive loads all third party software / addons / documents.

I think it'd be exceptionally fast, not perfect but a much more secure setup (As you can flash the modded update chip or reset it to factor using the core chip)and a marvel in technology.

Of course there will be no way that malware could ever alter the saved images... no way... right?... uh... right?... oh wait! There it is, it just popped up a message and said I don't need to insert the DVD afterall.

At first, I thought, "Perfect! This is exactly what Windows has needed for years--especially since the introduction of the registry and the 'cruft' that builds up over 1-2 years of use on the average PC."

Then, after a bit, it hit me how these features really are only necessary due to an antiquated, OS model that would be better served with a complete and total overhaul. OS X might not be for everyone, but the reliance on.plist files seems to work much better in the long run than a complicated mess

When storing off images of "fresh" installs, a few hardware changes here and seventy-two Windows security updates there still make recovery a long process. Blowing away to factory works well on a tablet or phone because the hardware doesn't change, and the reset bases itself on the currently-installed version of the OS.

If Reset and Refresh incorporates security patches as they are applied I suppose things would be a little easier.

It would be cool if Linux could read the restore partition, identify the hardware from the stored data, configure it self with the parameters that windows has stored in the refresh image, then build a custom refresh image from the data.

Then we have one button refresh to a Linux based system! No muss, no fuss, simple install at the push of a button.

But I bet Microsoft designs the image in such a way as to encrypt it so that Linux can not do it.

schlep over to my mother's house with a Windows CD... these features should be very welcome on the desktop

I feel your pain. I quit having to schlep over to my mother's house every few months to reload/clean Windows when I installed Ubuntu on her computer 3 or so years ago. She even upgrades the thing herself now. I still have to schlep over there once in a blue moon but no where near every 3 months to re-image her computer every time she clicks on some stupid scam online. She did call me once after I installed Ubuntu to tell me her computer was infected but it was a Windows Exporer window that popped up "how can that be?" She don't have Windows Exporer. It was simply a flash video of an exporer window showing a fake virus scan in her Firefox on Ubuntu. She tried to click the download now button and the exe downloaded but failed to run on Ubuntu.

Dell, in its "infinite wisdom", have been providing both of these restore options for years now on a separate recovery partition. I am only personally familiar with Dell's, but I'm sure that other makers offer something similar. I still prefer a physical CD/DVD rather than a recovery partition approach... but other than that, I haven't heard much complaining over the past few years about this kind of functionality.

Microsoft takes an established third-party utility, and bundles something similar within Windows itself (as they do with practically every release)... and NOW this is suddenly a horrible idea and everyone is full of complaints? Hey, I'm hardly a Microsoft fanboy, but this is just childish. Where have the posts and the complaints about Dell been for the past few years?

Even Microsoft is inconsistant in it. For example, Windows Movie Makes saves project parts to a Local Settings subfolder.... so if you take your project files elsewhere, or even try to just log on to another computer on the network that maps the same My Documents folder, your projects mysteriously fail to open.

Everything that would be in "Home/" for a normal *nix install is in "Documents and Settings" or "Users" folder, depending on Windows version.

I've had quite a few Linux/BSD installs not put Home/ in it's own partition, however, traversing a directory tree, and getting which files/directories (and their corresponding disk nodes/table-entries) might take a couple extra minutes, but I wouldn't describe it as particularly challenging code.

The registry, outside of hives hiding in the folders I mentioned, are system settings, and the equivalent of what you find in the '/etc/' and '/usr/local/etc' directories, and therefore would also not be preserved with a *nix method of preserving "home"

Likewise with "Program Files", the parallel to that stuff typically goes to */bin, */sbin, */lib, etc. None of which are under/home, except on a pretty fucked up installation of *nix.

Mind you, there are legacy programs that will put saved data in the install

The registry, outside of hives hiding in the folders I mentioned, are system settings, and the equivalent of what you find in the '/etc/' and '/usr/local/etc' directories, and therefore would also not be preserved with a *nix method of preserving "home"

Uh, no. The registry is full of user-crap, and it's thoroughly filled with app-crap which will require you to reinstall all the apps after reinstalling the OS... and unlike Linux that's not a simple matter of running apt-get, it probably involves finding CDs or downloaded installers and CD keys and activation keys and...

Likewise with "Program Files", the parallel to that stuff typically goes to */bin, */sbin, */lib, etc.

Steam puts most of my user configuration in Program Files. Pretty much any old game puts a ton of user config in Program Files. Heck, most pre-XP apps put all their config in either Windows or Program Files.

So, sorry, your argument really doesn't work.

So long as you live in a fantasy world where no-one runs old or poorly-written apps.

A button like that on Linux probably wouldn't be that big of a deal as it could just work on all the partitions except for/home.

Indeed. Reinstalling Ubuntu on my home systems means installing from the DVD, installing any updates and then copying over about a dozen plain-text config files... job done.

When my laptop drive started getting bad sectors and I replaced it, reinstalling Ubuntu and getting it back to the pre-failure state took about half an hour, whereas reinstalling Windows took three hours just to get to the bare-bones state _before_ I could install all the updates and reinstall all the applications.

Oh, yeah, I forgot the extra couple of hours of trying to understand arcane Windows error messages and hunting around on Google for an explanation before I discovered that the Windows installer was barfing because I'd replaced a 640GB laptop drive with a 750GB laptop drive and found out how to fix that.

Not quite "refresh" like in TFA, or like OS X's archive and install. Windows never works well after a reinstall, usually ends up with a ton of error messages and apps crashing. Let's hope it works for Windows 8.